[Security] TLS Certificates Verification

Dirk Meyer dmeyer at tzi.de
Tue Aug 19 12:08:21 CDT 2008

Peter Saint-Andre wrote:
> Dirk Meyer wrote:
>> But the roster or the server can be used to help our web of trust. 
> Yes, I think that the roster can help to bootstrap webs of
> trust. Clearly the roster by itself does not get us all the way
> because right now it has no cryptographic qualities.
>> I could sign your key and upload it to _your_ server somehow. When
>> a friend of mine receives your key from yourself he also gets my
>> signature knowing that I trust your key.
> Aha, I like that idea. We could modify XEP-0189 (which needs some
> work anyway!) to include signatures of people who trust your key. We
> would also define a way for me to send "your-key-signed-by-me" to
> you, so that you can upload my signature to your key node (but your
> client should not do that if I am not in your roster or you don't
> have some relationship with me). One attractive aspect of this
> approach is that if I subscribe to your key node, I would receive
> notifications whenever you upload a new signature, thus giving
> people a visible reminder of activity within the WoT.

I also want the optional concept of user key and client key. It is
much easier to secure a laptop than a mobile phone or a set-top
box. So I suggest to have an optional client key.

The client (bot) starts without being connected to my keys. I can see my bot
using presence. Now I verify that this is my bot (e.g. a small secret
like bluetooth has) and I sign the bot key with my user key. Speaking
of XEP-0189 it could look like this:

| <iq type='result'
|     to='romeo@montague.net/garden'
|     from='juliet@capulet.com'
|     id='items1'>
|   <pubsub xmlns='http://jabber.org/protocol/pubsub'>
|     <items>
|       <item id='julietX509cert1hash'>
|         <key node='urn:xmpp:tmp:pubkey' type='user'>
|           <KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
|             <KeyName>julietX509cert1hash</KeyName>
|             This is my user key with signatures from friends
|           </KeyInfo>
|         </key>
|       </item>
|       <item id='julietX509cert2hash'>
|         <key node='urn:xmpp:tmp:pubkey' type='client'>
|           <KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
|             <KeyName>julietX509cert1hash</KeyName>
|             This is a client key with signatures from my user key
|           </KeyInfo>
|         </key>
|       </item>
|       <item id='julietX509cert3hash'>
|         <key node='urn:xmpp:tmp:pubkey' type='client'>
|           <revoked>
|             This is a client key from a client I no longer trust.
|             The revoke must also be signed by my user key
|           </revoked>
|         </key>
|       </item>
|     </items>
|   </pubsub>
| </iq>

BTW, http://www.w3.org/2000/09/xmldsig# is a pain to understand. I
looked at it for hours and I have no idea how to add a signature.

But back to the problem: If you see my bot you get the client key. Now
there are two choices: First, if you have my user public key you can
ask the bot for the signature or use pubsub to get a list of all my
clients incl. the signature. If you know my public key you can verify
all my bots and chat clients. If you do not know me we can use some
sort of secret so you know that the client is mine. This is similar to
the process to verify my user key except that this client does not
know the key. After that you know that the client with
julietX509cert2hash belongs to me. You see that julietX509cert2hash is
signed by julietX509cert1 so you can be very sure that
julietX509cert1hash also belongs to me. Does this make sense?


Make God laugh - plan for the future.
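
The client-key check described in this message, as an added example that is not part of the original post or of XEP-0189: a verifier who already trusts the user public key accepts a client key only if the user key signed it, and honours a revocation only if the user key signed that too. Ed25519, the "verb:fingerprint" statement format and all names below are assumptions made for illustration; the keys are generated on the spot.

```javascript
const { generateKeyPairSync, sign, verify, createHash } = require('node:crypto');

// Fingerprint of a public key: SHA-256 over its DER encoding
// (plays the role of identifiers such as "julietX509cert2hash").
const fingerprint = (pub) =>
  createHash('sha256').update(pub.export({ type: 'spki', format: 'der' })).digest('hex');

// Assumed statement format: "<verb>:<client key fingerprint>", verb is "client" or "revoked".
const statement = (verb, fp) => Buffer.from(`${verb}:${fp}`, 'utf8');

// Signer side: produce one key-node item about a client key.
const issue = (signerPriv, verb, fp) =>
  ({ verb, fp, sig: sign(null, statement(verb, fp), signerPriv) });

// Verifier side: only items whose signature verifies under the trusted
// user public key count; a valid revocation overrides a valid endorsement.
function checkClientKey(userPub, items, clientPub) {
  const fp = fingerprint(clientPub);
  const valid = items.filter((it) =>
    it.fp === fp && verify(null, statement(it.verb, it.fp), userPub, it.sig));
  if (valid.some((it) => it.verb === 'revoked')) return 'revoked';
  if (valid.some((it) => it.verb === 'client')) return 'trusted';
  return 'unknown';
}

function demo() {
  const user = generateKeyPairSync('ed25519');     // the user key
  const laptop = generateKeyPairSync('ed25519');   // client key, signed by the user key
  const phone = generateKeyPairSync('ed25519');    // client key, signed and later revoked
  const other = generateKeyPairSync('ed25519');    // not the user: its signatures must not count

  // Constructed contents of the key node, including two items not signed by the user key.
  const node = [
    issue(user.privateKey, 'client', fingerprint(laptop.publicKey)),
    issue(user.privateKey, 'client', fingerprint(phone.publicKey)),
    issue(user.privateKey, 'revoked', fingerprint(phone.publicKey)),
    issue(other.privateKey, 'revoked', fingerprint(laptop.publicKey)),
    issue(other.privateKey, 'client', fingerprint(other.publicKey)),
  ];
  return {
    laptop: checkClientKey(user.publicKey, node, laptop.publicKey),
    phone: checkClientKey(user.publicKey, node, phone.publicKey),
    other: checkClientKey(user.publicKey, node, other.publicKey),
  };
}
```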
